Skip to main content
SpringerLink
Log in

ICMP Covert Channel Resiliency

  • Conference paper
  • First Online:
Book cover Technological Developments in Networking, Education and Automation

Abstract

The ICMP protocol has been widely used and accepted as a covert channel. While the ICMP protocol is very simple to use, modern security approaches such as Firewalls, deep-packet inspection and intrusion detection systems threaten the use of ICMP for a reliable means for a covert channel. This study explores the modern usefulness of ICMP with typical security measures in place. Existing ICMP covert channel solutions are examined for compliance with standard RFCs and resiliency with modern security approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
EUR 29.95
Price includes VAT (Finland)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 160.49
Price includes VAT (Finland)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 219.99
Price includes VAT (Finland)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
EUR 219.99
Price includes VAT (Finland)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Postel, J. “Internet Control Message Protocol.” RFC 792. Internet Draft Submission Tool. 30 Apr. 2009.

    Google Scholar 

  2. Lampson, B. W. 1973. “A note on the confinement problem.” Commun. ACM 16, 10 (Oct. 1973), 613-615.

    Article  Google Scholar 

  3. Daemon9. 1997. “LOKI2.” Phrack Magazine, Vol. 7 (51) http://www.phrack.com/issues.html?issue=51&id=1.

  4. Stodle, Daniel. “Ping Tunnel.” http://www.cs.uit.no/daniels/PingTunnel.

  5. Singh, Abhishek, et al. 2003. “Malicious ICMP Tunneling: Defenseagainst the Vulnerability.” In: Lecture Notes in Computer Science, Vol.2727, Springer Berlin / Heidelberg, pp. 226-236.

    Google Scholar 

  6. Muench, Martin J. 2003. “ICMP-Chat.” http://icmpchat.sourceforge.net/index.html.

  7. Murphy, R. P. 2006. “IPv6 / ICMPv6 Covert Channels.” DEFCON 14. https://forum.defcon.org/archive/index.php/t-7588.html.

  8. Sourcefire. “Snort IDS.” http://www.sourcefire.com.

Download references

Author information

Authors and Affiliations

  1. Department of Networking, B. Thomas Golisano College of Computing and Information Sciences, Rochester Institute of Technology, Rochester, New York, 14623, USA

    Kristian Stokes (Security, and Systems Administration), Bo Yuan (Security, and Systems Administration), Daryl Johnson (Security, and Systems Administration) & Peter Lutz (Security, and Systems Administration)

Authors
  1. Kristian Stokes
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bo Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daryl Johnson
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Peter Lutz
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Khaled Elleithy

  2. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Tarek Sobh

  3. Dept. Civil & Environmental Engineering, Polytechnic University, Jay Street 333, Brooklyn, 11201, USA

    Magued Iskander

  4. Dept. Civil & Environmental Engineering, Polytechnic University, Jay Street 333, Brooklyn, 11201, USA

    Vikram Kapila

  5. Old Dominion University, Monarch Way 4111, Norfolk, 23508, USA

    Mohammad A. Karim

  6. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Ausif Mahmood

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer Science+Business Media B.V.

About this paper

Cite this paper

Stokes, K., Yuan, B., Johnson, D., Lutz, P. (2010). ICMP Covert Channel Resiliency. In: Elleithy, K., Sobh, T., Iskander, M., Kapila, V., Karim, M., Mahmood, A. (eds) Technological Developments in Networking, Education and Automation. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-9151-2_87

Download citation

  • DOI: https://doi.org/10.1007/978-90-481-9151-2_87

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-90-481-9150-5

  • Online ISBN: 978-90-481-9151-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation